Database Administrators Stack Exchange is a question and answer site for database professionals who wish to improve their database skills and learn from others in the community. It's 100% free, no registration required.

Questions on Database Administrators Stack Exchange are expected to relate to database administration within the scope defined by the community. Consider editing the question or leaving comments for improvement if you believe the question can be reworded to fit within the scope. Read more about reopening questions here.
If this question can be reworded to fit the rules in the help center, please edit the question.

Welcome to DBA.SE! Are you asking for a regex to run on parameters used in UPDATE/SELECT queries from within another application?
–
Derek DowneyOct 1 '11 at 16:20

Hi @Smokepk and welcome to Database Administrators, you're actually going about this all wrong. In two parts, here they are: This site is about the hard database problems (at least, that's what we want to be about), and your question is really about parameterized queries. So in regards to your question about preventing sql injection attacks, I would point you instead back to google to learn about paramterized queries, or possibly to Stack Overflow where the topic has been discussed endlessly. Put simply enough, that's not what regexes are for, no more than hammer is used to fix a broken water heater.
–
jcolebrand♦Oct 1 '11 at 16:40